<?php

namespace App\Http\Middleware;

use Closure;
use Auth;
use App\Admin\Role;
use Route;

class CheckRbac
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {

        $role_id = Auth::guard('admin') ->user() ->role_id;
        if($role_id > 1) {
            $data = Role::where('id',$role_id) ->value('auth_ac');
            $data .= ',IndexController@index,IndexController@welcome';
            $action = Route::currentRouteAction();
            $act = explode('\\', $action);
            if(!stripos($data, end($act))) {
                // echo "没有权限";
                // return redirect('/admin/index/index');
                // header("Location:/admin/index/index");
                // echo"<script>history.go(-1);</script>" ; 
                // echo "<script>alert('退出成功!');location.href='".$_SERVER["HTTP_REFERER"]."';</script>";
                echo "<script>alert('没有权限');parent.location.reload();</script>";
                die;
            }
        }
        return $next($request);
    }
}
